网络虚拟化技术
OpenVSwitch:虚拟交换机
VLAN, VXLAN
虚拟路由器
什么是VLAN?
Virtual LAN:LAN即为广播帧到的节点范围,也即能够直接通信的范围;
VLAN:
基于MAC地址
基于交换机Port实现
基于IP地址实现
基于用户实现
交换机接口的类型:
访问链接:access link
汇聚链接:trunk link
VLAN的汇聚方式:
IEEE 802.1q
ISL:Inter Switch Link
VLAN间路由:
路由器:
访问链接:router为每个VLAN提供一个接口
汇聚链接:router只向交换机提供一个接口
三层交换机:
网络虚拟化:
复杂的虚拟化网络:
netns
OpenVswitch
OVS:基于C语言研发,
802.1q, trunk, access
NIC bonding
NetFlow, sFlow
Qos配置及策略
GRE, VxLAN,
OpenFlow
OVS的组成部分:
ovs-vswitchd:OVS daemon,实现数据报文交换功能,和Linux内核兼容模块一同实现基于流的交换技术;
ovsdb-server:轻量级的数据库服务,主要保存了整个OVS的配置信息,例如接口、交换内容、VLAN等等,ovs-vswithed的交换功能基于此库实现;
ovs-dpctl:配置交换机内核模块的工具程序,用于控制转发规则;
ovs-vsctl:用于获取或更改ovs-vswitchd的配置信息,其修改操作会保存至ovsdb-server中;
ovs-appctl
ovsdbmonitor:gui工具显示ovsdb-server中的数据信息的;
ovs-controller:流控工具
ovs-ofctl
ovs-pki:为openflow创建管理pki的命令行工具;vos-vsctl命令的使用:
show:ovsdb配置内容查看
add-br NAME:添加桥设备;
list-br:显示所有已定义的BRIDGE
del-br BRIDGE:删除桥
add-port BRIDGE PORT:将PORT添加至指定的BRIDGE
list-ports BRIDGE:显示指定BRIDGE上已经添加的所有PORT;
del-port [BRIDGE] PORT:从桥上移除PORT;
/etc/if-up脚本:
#!/bin/bash
#
bridge=br-in
if [ -n "$1" ]; then
ip link set $1 up
sleep 1
ovs-vsctl add-port $bridge $1
[ $? -eq 0 ] && exit 0 || exit 1
else
echo "Error: no port specified."
exit 2
fi
/etc/if-down脚本:
#!/bin/bash
#
bridge=br-in
if [ -n "$1" ]; then
ip link set $1 down
sleep 1
ovs-vsctl del-port $bridge $1
[ $? -eq 0 ] && exit 0 || exit 1
else
echo "Error: no port specified."
exit 2
fi
GRE: Generic Routing Encapsulation, 通用路由封装,是一种隧道技术
[root@kvm ~]# modinfo 8021q
filename: /lib/modules/3.10.0-862.el7.x86_64/kernel/net/8021q/8021q.ko.xz
version: 1.8
license: GPL
alias: rtnl-link-vlan
retpoline: Y
rhelversion: 7.5
srcversion: A57F0AC30965A554203D4E3
depends: mrp,garp
intree: Y
vermagic: 3.10.0-862.el7.x86_64 SMP mod_unload modversions
signer: CentOS Linux kernel signing key
sig_key: 3A:F3:CE:8A:74:69:6E:F1:BD:0F:37:E5:52:62:7B:71:09:E3:2B:96
sig_hashalgo: sha256
[root@kvm ~]# modprobe 8021q
[root@kvm ~]# yum info vconfig
Name : vconfig
Arch : x86_64
Version : 1.9
Release : 8.1.el6
Size : 178 k
Repo : installed
From repo : anaconda-CentOS-201410241409.x86_64
Summary : Linux 802.1q VLAN configuration utility
URL : http://www.candelatech.com/~greear/vlan.html
License : GPLv2+
Description : The vconfig program configures and adjusts 802.1q VLAN parameters.
[root@kvm ~]# ls /proc/net/vlan/
config实验环境:
node1:
操作系统:Centos6.6
IP地址:172.16.100.6
内核:2.6.32-504.el6.x86_64
网卡1:VMnet0 172.16.100.10
网卡2:VMnet1 192.168.10.6
网卡3:VMnet8 192.168.243.128
node2:
操作系统:Centos6.6
IP地址:172.16.100.6
内核:2.6.32-504.el6.x86_64
网卡1:VMnet0 172.16.100.20
网卡2:VMnet1 192.168.10.7
网卡3:VMnet2
node3:
操作系统:Centos6.6
IP地址:172.16.100.6
内核:2.6.32-504.el6.x86_64
网卡1:VMnet0 172.16.100.30
网卡2:VMnet1 192.168.10.8
网卡3:VMnet2
node4:
操作系统:Centos6.6
IP地址:172.16.100.6
内核:2.6.32-504.el6.x86_64
网卡1:VMnet0 172.16.100.40
网卡2:VMnet1 192.168.10.9
网卡3:VMnet2
网卡4:VMnet8
node2:
[root@node2 network-scripts]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:D0:92
inet addr:172.16.100.20 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe90:d092/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1402 errors:0 dropped:0 overruns:0 frame:0
TX packets:1191 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:119155 (116.3 KiB) TX bytes:118239 (115.4 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:D0:A6
inet addr:192.168.10.7 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe90:d0a6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:1244 (1.2 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@node2 network-scripts]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0 eth1
0.0.0.0 192.168.10.6 0.0.0.0 UG 0 0 0 eth1node3:
[root@node3 network-scripts]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:D6:6A:92
inet addr:172.16.100.30 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fed6:6a92/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:681 errors:0 dropped:0 overruns:0 frame:0
TX packets:602 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:60082 (58.6 KiB) TX bytes:62754 (61.2 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:D6:6A:A6
inet addr:192.168.10.8 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fed6:6aa6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:364 (364.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@node3 network-scripts]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0 eth1
0.0.0.0 192.168.10.6 0.0.0.0 UG 0 0 0 eth1node1:
[root@node1 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:99:D9:9E
inet addr:172.16.100.10 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe99:d99e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1464 errors:0 dropped:0 overruns:0 frame:0
TX packets:1011 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:117524 (114.7 KiB) TX bytes:96103 (93.8 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:99:D9:A8
inet addr:192.168.10.6 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe99:d9a8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:670 errors:0 dropped:0 overruns:0 frame:0
TX packets:643 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:53897 (52.6 KiB) TX bytes:36838 (35.9 KiB)
eth2 Link encap:Ethernet HWaddr 00:0C:29:99:D9:B2
inet addr:192.168.243.128 Bcast:192.168.243.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe99:d9b2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:121 errors:0 dropped:0 overruns:0 frame:0
TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8615 (8.4 KiB) TX bytes:2556 (2.4 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:491 errors:0 dropped:0 overruns:0 frame:0
TX packets:491 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:53232 (51.9 KiB) TX bytes:53232 (51.9 KiB)
[root@node1 network-scripts]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.243.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1008 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1009 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1010 0 0 eth2
0.0.0.0 192.168.243.2 0.0.0.0 UG 0 0 0 eth2
[root@node1 ~]# iptables -t nat -A POSTROUTING -s 192.168.10.0/24 -j SNAT --to-source 192.168.243.128
[root@node1 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@node1 ~]# sysctl -pnode4:
[root@node4 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:C7:68:35
inet addr:172.16.100.40 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec7:6835/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1196 errors:0 dropped:0 overruns:0 frame:0
TX packets:1047 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:101688 (99.3 KiB) TX bytes:108400 (105.8 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:C7:68:3F
inet addr:192.168.10.9 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec7:683f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3 errors:0 dropped:0 overruns:0 frame:0
TX packets:33 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:218 (218.0 b) TX bytes:2090 (2.0 KiB)
eth2 Link encap:Ethernet HWaddr 00:0C:29:C7:68:49
inet addr:192.168.243.131 Bcast:192.168.243.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec7:6849/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:26 errors:0 dropped:0 overruns:0 frame:0
TX packets:39 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2428 (2.3 KiB) TX bytes:5236 (5.1 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1232 (1.2 KiB) TX bytes:1232 (1.2 KiB)
[root@node4 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.16.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.243.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1004 0 0 eth2
0.0.0.0 192.168.243.2 0.0.0.0 UG 0 0 0 eth2node2:
[root@node2 ~]# vim /etc/yum.repos.d/openstack.repo
[openstack-icehouse]
name=OpenStack Icehouse Repository
baseurl=https://repos.fedorapeople.org/repos/openstack/EOL/openstack-icehouse/epel-6
enabled=1
skip_if_unavailable=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-Icehouse
priority=98node3:
[root@node3 ~]# vim /etc/yum.repos.d/openstack.repo
[openstack-icehouse]
name=OpenStack Icehouse Repository
baseurl=https://repos.fedorapeople.org/repos/openstack/EOL/openstack-icehouse/epel-6
enabled=1
skip_if_unavailable=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-Icehouse
priority=98node4:
[root@node4 ~]# vim /etc/yum.repos.d/openstack.repo
[openstack-icehouse]
name=OpenStack Icehouse Repository
baseurl=https://repos.fedorapeople.org/repos/openstack/EOL/openstack-icehouse/epel-6
enabled=1
skip_if_unavailable=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-Icehouse
priority=98node2:
[root@node2 ~]# yum -y install openvswitch
[root@node2 ~]# service openvswitch start
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
ovs_version: "2.1.3"
[root@node2 ~]# ovs-vsctl add-br br-in
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"
[root@node2 ~]# ovs-vsctl list-br
br-in
[root@node2 ~]# ovs-vsctl list-ports br-in
[root@node2 ~]# ovs-vsctl del-br br-in
[root@node2 ~]# ovs-vsctl list-br
[root@node2 ~]# ovs-vsctl add-br br-in
[root@node2 ~]# ovs-vsctl list-br
br-in
[root@node2 ~]# ip link set eth2 up
[root@node2 ~]# ovs-vsctl add-port br-in eth2
[root@node2 ~]# ovs-vsctl list-ports br-in
eth2
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port "eth2"
Interface "eth2"
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"
[root@node2 ~]# ovs-vsctl list-ifaces br-in
eth2
[root@node2 ~]# ovs-vsctl list Interface #显示interface表中所有信息;
_uuid : 63fb3131-a374-4b69-83b8-4fd90fa21c9e
admin_state : up
bfd : {}
bfd_status : {}
cfm_fault : []
cfm_fault_status : []
cfm_flap_count : []
cfm_health : []
cfm_mpid : []
cfm_remote_mpids : []
cfm_remote_opstate : []
duplex : full
external_ids : {}
ifindex : 4
ingress_policing_burst: 0
ingress_policing_rate: 0
lacp_current : []
link_resets : 0
link_speed : 1000000000
link_state : up
mac : []
mac_in_use : "00:0c:29:90:d0:a6"
mtu : 1500
name : "eth2"
ofport : 1
ofport_request : []
options : {}
other_config : {}
statistics : {collisions=0, rx_bytes=0, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=0, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0}
status : {driver_name="e1000", driver_version="7.3.21-k8-NAPI", firmware_version=""}
type : ""
_uuid : 2a840edf-4bd9-482b-8989-5724da97b959
admin_state : up
bfd : {}
bfd_status : {}
cfm_fault : []
cfm_fault_status : []
cfm_flap_count : []
cfm_health : []
cfm_mpid : []
cfm_remote_mpids : []
cfm_remote_opstate : []
duplex : []
external_ids : {}
ifindex : 7
ingress_policing_burst: 0
ingress_policing_rate: 0
lacp_current : []
link_resets : 2
link_speed : []
link_state : up
mac : []
mac_in_use : "00:0c:29:90:d0:a6"
mtu : 1500
name : br-in
ofport : 65534
ofport_request : []
options : {}
other_config : {}
statistics : {collisions=0, rx_bytes=468, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=6, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0}
status : {driver_name=openvswitch}
type : internal
[root@node2 ~]# ovs-vsctl list Interface eth2 #显示interface表eth2字段信息;
_uuid : 63fb3131-a374-4b69-83b8-4fd90fa21c9e
admin_state : up
bfd : {}
bfd_status : {}
cfm_fault : []
cfm_fault_status : []
cfm_flap_count : []
cfm_health : []
cfm_mpid : []
cfm_remote_mpids : []
cfm_remote_opstate : []
duplex : full
external_ids : {}
ifindex : 4
ingress_policing_burst: 0
ingress_policing_rate: 0
lacp_current : []
link_resets : 0
link_speed : 1000000000
link_state : up
mac : []
mac_in_use : "00:0c:29:90:d0:a6"
mtu : 1500
name : "eth2"
ofport : 1
ofport_request : []
options : {}
other_config : {}
statistics : {collisions=0, rx_bytes=0, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=0, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0}
status : {driver_name="e1000", driver_version="7.3.21-k8-NAPI", firmware_version=""}
type : ""
[root@node2 ~]# ovs-vsctl list Port
_uuid : c0ec3da6-8ec8-4527-b13d-03dbd75f8797
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [2a840edf-4bd9-482b-8989-5724da97b959]
lacp : []
mac : []
name : br-in
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
\_uuid : 8a355f2e-c5dd-4bf9-b0c6-cd82f878478b
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [63fb3131-a374-4b69-83b8-4fd90fa21c9e]
lacp : []
mac : []
name : "eth2"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
[root@node2 ~]# ovs-vsctl list Port eth2
_uuid : 8a355f2e-c5dd-4bf9-b0c6-cd82f878478b
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [63fb3131-a374-4b69-83b8-4fd90fa21c9e]
lacp : []
mac : []
name : "eth2"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
[root@node2 ~]# ovs-vsctl find Port name='eth2' #查看Port name为eth2的信息
_uuid : 8a355f2e-c5dd-4bf9-b0c6-cd82f878478b
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [63fb3131-a374-4b69-83b8-4fd90fa21c9e]
lacp : []
mac : []
name : "eth2"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
[root@node2 ~]# ovs-vsctl del-port br-in eth2
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"两个虚拟机桥接互相通信:
[root@node2 ~]# yum -y install qemu-kvm
[root@node2 ~]# ln -sv /usr/libexec/qemu-kvm /usr/bin/
[root@node2 ~]# mkdir -pv /vm/images
[root@node2 ~]# cd /vm/images/
[root@node2 images]# ll
total 21952
-rw-r--r-- 1 root root 11010048 Jan 11 22:43 cirros-no_cloud-0.3.0-i386-disk.img
-rw-r--r-- 1 root root 11468800 Jan 11 22:43 cirros-no_cloud-0.3.0-x86_64-disk.img
[root@node2 ~]# vim /etc/if-up
#!/bin/bash
\#
bridge=br-in
if [ -n "$1" ]; then
ip link set $1 up
sleep 1
ovs-vsctl add-port $bridge $1
[ $? -eq 0 ] && exit 0 || exit 1
else
echo "Error: no port specified."
exit 2
fi
[root@node2 ~]# chmod +x /etc/if-up
[root@node2 images]# vim /etc/if-down
#!/bin/bash
\#
bridge=br-in
if [ -n "$1" ]; then
ip link set $1 down
sleep 1
ovs-vsctl del-port $bridge $1
[ $? -eq 0 ] && exit 0 || exit 1
else
echo "Error: no port specified."
exit 2
fi
[root@node2 images]# chmod +x /etc/if-down
[root@node2 images]# qemu-kvm -name "c1" -m 128 -smp 1 -drive file=/vm/images/cirros-no_cloud-0.3.0-i386-disk.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:01 -net tap,ifname=vif0.0,script=/etc/if-up,downscript=no -nographic
[root@node2 ~]# ps aux | grep qemu-kvm
root 29631 8.8 3.3 1362396 63672 pts/0 Sl+ 22:46 0:12 qemu-kvm -name c1 -m 128 -smp 1 -drive file=/vm/images/cirros-no_cloud-0.3.0-i386-disk.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:01 -net tap,ifname=vif0.0,script=/etc/if-up,downscript=/etc/if-down -nographic
root 29698 0.0 0.0 103252 832 pts/1 S+ 22:48 0:00 grep qemu-kvm
[root@node2 ~]# kill -9 29631
[root@node2 images]# qemu-kvm -name "c1" -m 128 -smp 1 -drive file=/vm/images/cirros-no_cloud-0.3.0-i386-disk.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:01 -net tap,ifname=vif0.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
[root@node2 images]# yum -y install tigervnc
[root@node2 ~]# vncviewer :5900 &
[root@node2 ~]# ifconfig
br-in Link encap:Ethernet HWaddr B2:3D:3C:A1:E2:4C
inet6 addr: fe80::9a:f8ff:fe4d:26ee/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:36 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5736 (5.6 KiB) TX bytes:468 (468.0 b)
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:D0:92
inet addr:172.16.100.20 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe90:d092/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:76933 errors:0 dropped:0 overruns:0 frame:0
TX packets:25818 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:62971907 (60.0 MiB) TX bytes:4068338 (3.8 MiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:D0:9C
inet addr:192.168.10.7 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe90:d09c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:58863 errors:0 dropped:0 overruns:0 frame:0
TX packets:23909 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:58898126 (56.1 MiB) TX bytes:1453911 (1.3 MiB)
eth2 Link encap:Ethernet HWaddr 00:0C:29:90:D0:A6
inet6 addr: fe80::20c:29ff:fe90:d0a6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:468 (468.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:5532 errors:0 dropped:0 overruns:0 frame:0
TX packets:5532 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:105847996 (100.9 MiB) TX bytes:105847996 (100.9 MiB)
vif0.0 Link encap:Ethernet HWaddr BA:E3:C1:A5:9A:EA
inet6 addr: fe80::b8e3:c1ff:fea5:9aea/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1434 (1.4 KiB) TX bytes:468 (468.0 b)
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port "vif0.0"
Interface "vif0.0"
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"
[root@node2 ~]# qemu-kvm -name "c2" -m 128 -smp 1 -drive file=/vm/images/cirros-no_cloud-0.3.0-x86_64-disk.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:02 -net tap,ifname=vif1.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port "vif1.0"
Interface "vif1.0"
Port "vif0.0"
Interface "vif0.0"
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"
[root@node2 ~]# ifconfig
br-in Link encap:Ethernet HWaddr B2:3D:3C:A1:E2:4C
inet6 addr: fe80::9a:f8ff:fe4d:26ee/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:45 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7170 (7.0 KiB) TX bytes:468 (468.0 b)
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:D0:92
inet addr:172.16.100.20 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe90:d092/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:77779 errors:0 dropped:0 overruns:0 frame:0
TX packets:26612 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:63050615 (60.1 MiB) TX bytes:4125490 (3.9 MiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:D0:9C
inet addr:192.168.10.7 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe90:d09c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:58869 errors:0 dropped:0 overruns:0 frame:0
TX packets:23917 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:58899075 (56.1 MiB) TX bytes:1454501 (1.3 MiB)
eth2 Link encap:Ethernet HWaddr 00:0C:29:90:D0:A6
inet6 addr: fe80::20c:29ff:fe90:d0a6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:468 (468.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:7130 errors:0 dropped:0 overruns:0 frame:0
TX packets:7130 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:105982114 (101.0 MiB) TX bytes:105982114 (101.0 MiB)
vif0.0 Link encap:Ethernet HWaddr BA:E3:C1:A5:9A:EA
inet6 addr: fe80::b8e3:c1ff:fea5:9aea/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1434 (1.4 KiB) TX bytes:1902 (1.8 KiB)
vif1.0 Link encap:Ethernet HWaddr 0A:02:BC:DD:F7:DF
inet6 addr: fe80::802:bcff:fedd:f7df/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1434 (1.4 KiB) TX bytes:468 (468.0 b)
[root@node2 ~]# vncviewer :5901 &c1虚拟机配置ip地址:
c2虚拟机配置ip地址并ping c1虚拟机:
设置两个虚拟机在不同VLAN中:
[root@node2 ~]# ovs-vsctl list port
_uuid : 2174c0d4-d837-48f4-a772-057a0d9ec87d
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [15e29bcd-348e-4789-a386-2d75e8d2c8e5]
lacp : []
mac : []
name : "vif1.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : bc9e8ebd-9ac1-4749-8ae9-1166aac9bba8
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [44e8c42a-33e9-499f-835c-2e872a3d2693]
lacp : []
mac : []
name : "vif0.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : c0ec3da6-8ec8-4527-b13d-03dbd75f8797
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [2a840edf-4bd9-482b-8989-5724da97b959]
lacp : []
mac : []
name : br-in
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
[root@node2 ~]# ovs-vsctl set port vif0.0 tag=10
[root@node2 ~]# ovs-vsctl list port
_uuid : 2174c0d4-d837-48f4-a772-057a0d9ec87d
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [15e29bcd-348e-4789-a386-2d75e8d2c8e5]
lacp : []
mac : []
name : "vif1.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : bc9e8ebd-9ac1-4749-8ae9-1166aac9bba8
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [44e8c42a-33e9-499f-835c-2e872a3d2693]
lacp : []
mac : []
name : "vif0.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : 10
trunks : []
vlan_mode : []
_uuid : c0ec3da6-8ec8-4527-b13d-03dbd75f8797
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [2a840edf-4bd9-482b-8989-5724da97b959]
lacp : []
mac : []
name : br-in
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []通过c2虚拟机ping c1虚拟机不通:
[root@node2 ~]# ovs-vsctl set port vif1.0 tag=10
[root@node2 ~]# ovs-vsctl list port
_uuid : 2174c0d4-d837-48f4-a772-057a0d9ec87d
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [15e29bcd-348e-4789-a386-2d75e8d2c8e5]
lacp : []
mac : []
name : "vif1.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : 10
trunks : []
vlan_mode : []
_uuid : bc9e8ebd-9ac1-4749-8ae9-1166aac9bba8
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [44e8c42a-33e9-499f-835c-2e872a3d2693]
lacp : []
mac : []
name : "vif0.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : 10
trunks : []
vlan_mode : []
_uuid : c0ec3da6-8ec8-4527-b13d-03dbd75f8797
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [2a840edf-4bd9-482b-8989-5724da97b959]
lacp : []
mac : []
name : br-in
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []通过c2虚拟机ping c1虚拟机通:
跨交换机实现VLAN间通信:
[root@node2 ~]# cp -a /etc/if-up /etc/if-up2
[root@node2 ~]# cp -a /etc/if-down /etc/if-down2
[root@node2 ~]# vim /etc/if-down2
#!/bin/bash
#
bridge='br-test'
if [ -n "$1" ]; then
ip link set $1 down
sleep 1
ovs-vsctl del-port $bridge $1
[ $? -eq 0 ] && exit 0 || exit 1
else
echo "Error: no port specified."
exit 2
fi
[root@node2 ~]# vim /etc/if-up2
#!/bin/bash
#
bridge='br-test'
if [ -n "$1" ]; then
ip link set $1 up
sleep 1
ovs-vsctl add-port $bridge $1
[ $? -eq 0 ] && exit 0 || exit 1
else
echo "Error: no port specified."
exit 2
fi
[root@node2 ~]# ovs-vsctl add-br br-test
[root@node2 ~]# ovs-vsctl list-br
br-in
br-test
[root@node2 images]# cp cirros-no_cloud-0.3.0-i386-disk.img c3.img
[root@node2 images]# qemu-kvm -name "c3" -m 128 -smp 1 -drive file=/vm/images/c3.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:03 -net tap,ifname=vif2.0,script=/etc/if-up2,downscript=/etc/if-down2 -daemonize
[root@node2 images]# vncviewer :5902 &
[root@node2 images]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-test
Port br-test
Interface br-test
type: internal
Port "vif2.0"
Interface "vif2.0"
Bridge br-in
Port "vif1.0"
tag: 10
Interface "vif1.0"
Port "vif0.0"
tag: 10
Interface "vif0.0"
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"c3虚拟机配置ip地址,并ping c1虚拟机:
[root@node2 images]# ip link add s0 type veth peer name s1
[root@node2 images]# ip link show
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:90:d0:92 brd ff:ff:ff:ff:ff:ff
3: eth1: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:90:d0:9c brd ff:ff:ff:ff:ff:ff
4: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:90:d0:a6 brd ff:ff:ff:ff:ff:ff
5: ovs-system: mtu 1500 qdisc noop state DOWN
link/ether 72:ad:b4:34:d8:df brd ff:ff:ff:ff:ff:ff
7: br-in: mtu 1500 qdisc noqueue state UNKNOWN
link/ether b2:3d:3c:a1:e2:4c brd ff:ff:ff:ff:ff:ff
19: vif0.0: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
link/ether ba:e3:c1:a5:9a:ea brd ff:ff:ff:ff:ff:ff
20: vif1.0: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
link/ether 0a:02:bc:dd:f7:df brd ff:ff:ff:ff:ff:ff
21: br-test: mtu 1500 qdisc noqueue state UNKNOWN
link/ether 6a:da:1e:55:a7:4b brd ff:ff:ff:ff:ff:ff
22: vif2.0: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
link/ether 6e:58:20:68:41:b1 brd ff:ff:ff:ff:ff:ff
23: s1: mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 0a:83:ac:82:c7:e2 brd ff:ff:ff:ff:ff:ff
24: s0: mtu 1500 qdisc noop state DOWN qlen 1000
link/ether 86:31:51:99:60:1b brd ff:ff:ff:ff:ff:ff
[root@node2 images]# ip link set s0 up
[root@node2 images]# ip link set s1 up
[root@node2 images]# ovs-vsctl add-port br-in s0
[root@node2 images]# ovs-vsctl add-port br-test s1
[root@node2 images]# ovs-vsctl list port
_uuid : 2174c0d4-d837-48f4-a772-057a0d9ec87d
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [15e29bcd-348e-4789-a386-2d75e8d2c8e5]
lacp : []
mac : []
name : "vif1.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : 10
trunks : []
vlan_mode : []
_uuid : 1eeafcbd-2d28-4ee3-8f5a-3cd4886ed131
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [05694500-aef6-4ca2-a3bb-af5dfbd4f6eb]
lacp : []
mac : []
name : "s1"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : f2a3ff9d-2b80-4835-aa00-30e810575a0f
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [ec0ef0c7-bf7b-4e88-a056-867f4656a993]
lacp : []
mac : []
name : "vif2.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : bc9e8ebd-9ac1-4749-8ae9-1166aac9bba8
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [44e8c42a-33e9-499f-835c-2e872a3d2693]
lacp : []
mac : []
name : "vif0.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : 10
trunks : []
vlan_mode : []
_uuid : 1fffde51-e487-4000-bc9e-5019fecaab76
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [3c334135-6939-4f78-8dc7-d3061e3f095b]
lacp : []
mac : []
name : "s0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : 7f03d58e-03db-44f9-8f8e-61a2cc73425a
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [cc6867bd-2deb-43c5-8b9f-cccead75e495]
lacp : []
mac : []
name : br-test
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : c0ec3da6-8ec8-4527-b13d-03dbd75f8797
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [2a840edf-4bd9-482b-8989-5724da97b959]
lacp : []
mac : []
name : br-in
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
[root@node2 images]# ovs-vsctl set port vif2.0 tag=10 c3虚拟机ping c1虚拟机通:
[root@node2 images]# ovs-vsctl remove port vif2.0 tag 10
[root@node2 images]# ovs-vsctl list port
_uuid : 2174c0d4-d837-48f4-a772-057a0d9ec87d
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [15e29bcd-348e-4789-a386-2d75e8d2c8e5]
lacp : []
mac : []
name : "vif1.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : 10
trunks : []
vlan_mode : []
_uuid : 1eeafcbd-2d28-4ee3-8f5a-3cd4886ed131
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [05694500-aef6-4ca2-a3bb-af5dfbd4f6eb]
lacp : []
mac : []
name : "s1"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : f2a3ff9d-2b80-4835-aa00-30e810575a0f
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [ec0ef0c7-bf7b-4e88-a056-867f4656a993]
lacp : []
mac : []
name : "vif2.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : bc9e8ebd-9ac1-4749-8ae9-1166aac9bba8
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [44e8c42a-33e9-499f-835c-2e872a3d2693]
lacp : []
mac : []
name : "vif0.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : 10
trunks : []
vlan_mode : []
_uuid : 1fffde51-e487-4000-bc9e-5019fecaab76
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [3c334135-6939-4f78-8dc7-d3061e3f095b]
lacp : []
mac : []
name : "s0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : 7f03d58e-03db-44f9-8f8e-61a2cc73425a
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [cc6867bd-2deb-43c5-8b9f-cccead75e495]
lacp : []
mac : []
name : br-test
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : c0ec3da6-8ec8-4527-b13d-03dbd75f8797
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [2a840edf-4bd9-482b-8989-5724da97b959]
lacp : []
mac : []
name : br-in
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []通过c3虚拟机ping c1虚拟机不通:
清除之前node2上面的相关操作:
[root@node2 ~]# ps aux | grep qemu-kvm
root 34610 0.4 3.8 1377656 72600 ? Sl 19:36 0:41 qemu-kvm -name c1 -m 128 -smp 1 -drive file=/vm/images/cirros-no_cloud-0.3.0-i386-disk.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:01 -net tap,ifname=vif0.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
root 34681 1.4 5.1 1379396 98212 ? Sl 19:43 2:14 qemu-kvm -name c2 -m 128 -smp 1 -drive file=/vm/images/cirros-no_cloud-0.3.0-x86_64-disk.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:02 -net tap,ifname=vif1.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
root 34896 0.6 3.5 982800 67080 ? Sl 20:28 0:39 qemu-kvm -name c3 -m 128 -smp 1 -drive file=/vm/images/c3.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:03 -net tap,ifname=vif2.0,script=/etc/if-up2,downscript=/etc/if-down2 -daemonize
root 35208 0.0 0.0 103256 840 pts/0 S+ 22:13 0:00 grep qemu-kvm
[root@node2 ~]# kill 34610 34681 34896
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-test
Port "s1"
Interface "s1"
Port br-test
Interface br-test
type: internal
Bridge br-in
Port "s0"
Interface "s0"
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"
[root@node2 ~]# ovs-vsctl del-port br-test s1
[root@node2 ~]# ovs-vsctl del-port br-in s0
[root@node2 ~]# ovs-vsctl del-br br-test
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"
[root@node2 ~]# scp -p /etc/if-up /etc/if-down [email protected]:/etc通过gre隧道使两个不同节点的虚拟机通信:
node3:
[root@node3 ~]# yum -y install openvswitch qemu-kvm
[root@node3 ~]# ln -sv /usr/libexec/qemu-kvm /usr/bin/
[root@node3 ~]# service openvswitch start
[root@node3 ~]# ovs-vsctl add-br br-in
[root@node3 ~]# ovs-vsctl list-br
br-in
[root@node3 ~]# mkdir -pv /vm/images
[root@node3 ~]# cd /vm/images/
[root@node3 images]# ll
total 21952
-rw-r--r-- 1 root root 11010048 Jan 13 22:27 cirros-no_cloud-0.3.0-i386-disk.img
-rw-r--r-- 1 root root 11468800 Jan 13 22:27 cirros-no_cloud-0.3.0-x86_64-disk.img
[root@node3 images]# mv cirros-no_cloud-0.3.0-i386-disk.img c1.img
[root@node3 images]# mv cirros-no_cloud-0.3.0-x86_64-disk.img c2.imgnode2:
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"
[root@node2 ~]# yum -y update iproute
[root@node2 ~]# ip netns add r0
[root@node2 ~]# ip link add sif0 type veth peer name rif0
[root@node2 ~]# ip link set sif0 up
[root@node2 ~]# ip link set rif0 up
[root@node2 ~]# ip link set rif0 netns r0
[root@node2 ~]# ovs-vsctl add-port br-in sif0
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port "sif0"
Interface "sif0"
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"
[root@node2 ~]# ip netns exec r0 ifconfig
[root@node2 ~]# ip netns exec r0 ip link set rif0 up
[root@node2 ~]# ip netns exec r0 ifconfig -a
lo Link encap:Local Loopback
LOOPBACK MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
rif0 Link encap:Ethernet HWaddr 2A:F7:48:22:FD:49
inet6 addr: fe80::28f7:48ff:fe22:fd49/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:468 (468.0 b) TX bytes:936 (936.0 b)
[root@node2 ~]# ip netns exec r0 ip addr add 10.0.4.254/24 dev rif0
[root@node2 ~]# ip netns exec r0 ifconfig
rif0 Link encap:Ethernet HWaddr 2A:F7:48:22:FD:49
inet addr:10.0.4.254 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::28f7:48ff:fe22:fd49/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:468 (468.0 b) TX bytes:936 (936.0 b)
[root@node2 ~]# yum -y install dnsmasq
[root@node2 ~]# ip netns exec r0 dnsmasq -F 10.0.4.200,10.0.4.220,85400 -i rif0
[root@node2 ~]# ip netns exec r0 ss -unl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:53 *:*
UNCONN 0 0 *:67 *:*
UNCONN 0 0 :::53 :::*
[root@node2 ~]# qemu-kvm -name c1 -m 128 -smp 1 -drive file=/vm/images/c3.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:01 -net tap,ifname=vif0.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
[root@node2 ~]# vncviewer :5900 &查看c1的ip地址:
node3:
[root@node3 ~]# modprobe kvm
[root@node3 ~]# modprobe kvm-intel
[root@node3 ~]# qemu-kvm -name c1 -m 128 -smp 1 -drive file=/vm/images/c1.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:a0:01 -net tap,ifname=vif0.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
[root@node3 ~]# yum -y install tigervnc
[root@node3 ~]# vncviewer :5900 &查看node3上虚拟机,没有地址;
[root@node3 ~]# ovs-vsctl show
85d61be0-079b-4012-a4a6-514dc240e31e
Bridge br-in
Port br-in
Interface br-in
type: internal
Port "vif0.0"
Interface "vif0.0"
ovs_version: "2.1.3"node2:
[root@node2 ~]# ifconfig
br-in Link encap:Ethernet HWaddr B2:3D:3C:A1:E2:4C
inet6 addr: fe80::b03d:3cff:fea1:e24c/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:22 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2716 (2.6 KiB) TX bytes:468 (468.0 b)
eth0 Link encap:Ethernet HWaddr 00:0C:29:90:D0:92
inet addr:172.16.100.20 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe90:d092/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:23795 errors:0 dropped:0 overruns:0 frame:0
TX packets:29241 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2037164 (1.9 MiB) TX bytes:6432445 (6.1 MiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:90:D0:9C
inet addr:192.168.10.7 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe90:d09c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:295 errors:0 dropped:0 overruns:0 frame:0
TX packets:391 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:51974 (50.7 KiB) TX bytes:29245 (28.5 KiB)
eth2 Link encap:Ethernet HWaddr 00:0C:29:90:D0:A6
inet6 addr: fe80::20c:29ff:fe90:d0a6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:468 (468.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:47404 errors:0 dropped:0 overruns:0 frame:0
TX packets:47404 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:286374893 (273.1 MiB) TX bytes:286374893 (273.1 MiB)
sif0 Link encap:Ethernet HWaddr C2:6C:63:CB:97:07
inet6 addr: fe80::c06c:63ff:fecb:9707/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:15 errors:0 dropped:0 overruns:0 frame:0
TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2158 (2.1 KiB) TX bytes:2660 (2.5 KiB)
vif0.0 Link encap:Ethernet HWaddr 16:34:FD:C4:CB:FA
inet6 addr: fe80::1434:fdff:fec4:cbfa/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1166 (1.1 KiB) TX bytes:1194 (1.1 KiB)
[root@node2 ~]# ip addr add 192.168.20.1/24 dev eth2
[root@node2 ~]# ifconfig eth2
eth2 Link encap:Ethernet HWaddr 00:0C:29:90:D0:A6
inet addr:192.168.20.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe90:d0a6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:468 (468.0 b)node3:
[root@node3 ~]# ifconfig
br-in Link encap:Ethernet HWaddr DA:DB:F3:DB:95:46
inet6 addr: fe80::6015:5aff:fe98:2028/64 Scope:Link
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1434 (1.4 KiB) TX bytes:468 (468.0 b)
eth0 Link encap:Ethernet HWaddr 00:0C:29:D6:6A:92
inet addr:172.16.100.30 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fed6:6a92/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24747 errors:0 dropped:0 overruns:0 frame:0
TX packets:11097 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:24097209 (22.9 MiB) TX bytes:1567960 (1.4 MiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:D6:6A:9C
inet addr:192.168.10.8 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fed6:6a9c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:31345 errors:0 dropped:0 overruns:0 frame:0
TX packets:19398 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:45467995 (43.3 MiB) TX bytes:1069884 (1.0 MiB)
eth2 Link encap:Ethernet HWaddr 00:0C:29:D6:6A:A6
inet6 addr: fe80::20c:29ff:fed6:6aa6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:468 (468.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:10055 errors:0 dropped:0 overruns:0 frame:0
TX packets:10055 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:49388550 (47.1 MiB) TX bytes:49388550 (47.1 MiB)
vif0.0 Link encap:Ethernet HWaddr 96:85:40:F0:0C:96
inet6 addr: fe80::9485:40ff:fef0:c96/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:1434 (1.4 KiB) TX bytes:468 (468.0 b)
[root@node3 ~]# ip link set eth2 up
[root@node3 ~]# ip link list
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d6:6a:92 brd ff:ff:ff:ff:ff:ff
3: eth1: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d6:6a:9c brd ff:ff:ff:ff:ff:ff
4: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d6:6a:a6 brd ff:ff:ff:ff:ff:ff
5: ovs-system: mtu 1500 qdisc noop state DOWN
link/ether b6:9b:3a:a8:dd:29 brd ff:ff:ff:ff:ff:ff
6: br-in: mtu 1500 qdisc noqueue state UNKNOWN
link/ether da:db:f3:db:95:46 brd ff:ff:ff:ff:ff:ff
8: vif0.0: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
link/ether 96:85:40:f0:0c:96 brd ff:ff:ff:ff:ff:ff
[root@node3 ~]# ip addr add 192.168.20.2/24 dev eth2
[root@node3 ~]# ping 192.168.20.1
PING 192.168.20.1 (192.168.20.1) 56(84) bytes of data.
64 bytes from 192.168.20.1: icmp_seq=1 ttl=64 time=2.34 ms
64 bytes from 192.168.20.1: icmp_seq=2 ttl=64 time=0.606 ms
64 bytes from 192.168.20.1: icmp_seq=3 ttl=64 time=0.623 ms
^C
--- 192.168.20.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2110ms
rtt min/avg/max/mdev = 0.606/1.189/2.340/0.814 ms node2:
[root@node2 ~]# ovs-vsctl add-port br-in gre0
[root@node2 ~]# ovs-vsctl list port
_uuid : 0142c768-9c0e-466e-8712-85aad7b04818
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [0a044e15-ddce-4cad-8ee4-a8b98c04f44e]
lacp : []
mac : []
name : "gre0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : dcc1c4ee-b5ae-4296-a1a2-2e01887c342d
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [c02d9aa1-27dc-4bae-bd2d-65887b30c4e2]
lacp : []
mac : []
name : "vif0.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : c0ec3da6-8ec8-4527-b13d-03dbd75f8797
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [2a840edf-4bd9-482b-8989-5724da97b959]
lacp : []
mac : []
name : br-in
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
_uuid : d6624cfb-03dc-4a4c-bfc0-8de0cbca2099
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [23de3b31-6f6d-4667-83c4-d6a563469aad]
lacp : []
mac : []
name : "sif0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port "gre0"
Interface "gre0"
Port br-in
Interface br-in
type: internal
Port "sif0"
Interface "sif0"
Port "vif0.0"
Interface "vif0.0"
ovs_version: "2.1.3"
[root@node2 ~]# ovs-vsctl list interface gre0
_uuid : 0a044e15-ddce-4cad-8ee4-a8b98c04f44e
admin_state : []
bfd : {}
bfd_status : {}
cfm_fault : []
cfm_fault_status : []
cfm_flap_count : []
cfm_health : []
cfm_mpid : []
cfm_remote_mpids : []
cfm_remote_opstate : []
duplex : []
external_ids : {}
ifindex : []
ingress_policing_burst: 0
ingress_policing_rate: 0
lacp_current : []
link_resets : []
link_speed : []
link_state : []
mac : []
mac_in_use : []
mtu : []
name : "gre0"
ofport : -1
ofport_request : []
options : {}
other_config : {}
statistics : {}
status : {}
type : ""
[root@node2 ~]# ovs-vsctl set interface gre0 type=gre options:remote_ip=192.168.20.2
[root@node2 ~]# ovs-vsctl list interface gre0
_uuid : 0a044e15-ddce-4cad-8ee4-a8b98c04f44e
admin_state : up
bfd : {}
bfd_status : {}
cfm_fault : []
cfm_fault_status : []
cfm_flap_count : []
cfm_health : []
cfm_mpid : []
cfm_remote_mpids : []
cfm_remote_opstate : []
duplex : []
external_ids : {}
ifindex : 0
ingress_policing_burst: 0
ingress_policing_rate: 0
lacp_current : []
link_resets : 0
link_speed : []
link_state : up
mac : []
mac_in_use : "de:a9:1c:6a:8e:bf"
mtu : []
name : "gre0"
ofport : 4
ofport_request : []
options : {remote_ip="192.168.20.2"}
other_config : {}
statistics : {collisions=0, rx_bytes=0, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=0, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0}
status : {tunnel_egress_iface="eth2", tunnel_egress_iface_carrier=up}
type : grenode3:
[root@node3 ~]# ovs-vsctl add-port br-in gre0 -- set interface gre0 type=gre options:remote_ip=192.168.20.1
[root@node3 ~]# ovs-vsctl show
85d61be0-079b-4012-a4a6-514dc240e31e
Bridge br-in
Port "gre0"
Interface "gre0"
type: gre
options: {remote_ip="192.168.20.1"}
Port br-in
Interface br-in
type: internal
Port "vif0.0"
Interface "vif0.0"
ovs_version: "2.1.3"
[root@node3 ~]# ovs-vsctl list interface gre0
_uuid : d5fded22-fbc3-45cd-8c42-a42a47d50777
admin_state : up
bfd : {}
bfd_status : {}
cfm_fault : []
cfm_fault_status : []
cfm_flap_count : []
cfm_health : []
cfm_mpid : []
cfm_remote_mpids : []
cfm_remote_opstate : []
duplex : []
external_ids : {}
ifindex : 0
ingress_policing_burst: 0
ingress_policing_rate: 0
lacp_current : []
link_resets : 0
link_speed : []
link_state : up
mac : []
mac_in_use : "52:11:26:6d:75:fc"
mtu : []
name : "gre0"
ofport : 2
ofport_request : []
options : {remote_ip="192.168.20.1"}
other_config : {}
statistics : {collisions=0, rx_bytes=0, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=0, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0}
status : {tunnel_egress_iface="eth2", tunnel_egress_iface_carrier=up}
type : gre
[root@node3 ~]# ps aux | grep qemu-kvm
root 1359 0.6 3.7 1378360 71408 ? Sl 21:12 0:21 qemu-kvm -name c1 -m 128 -smp 1 -drive file=/vm/images/c1.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:a0:01 -net tap,ifname=vif0.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
root 27359 0.0 0.0 103256 840 pts/0 S+ 22:12 0:00 grep qemu-kvm
[root@node3 ~]# kill 1359
[root@node3 ~]# qemu-kvm -name c1 -m 128 -smp 1 -drive file=/vm/images/c1.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:a0:01 -net tap,ifname=vif0.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
[root@node3 ~]# vncviewer :5900 &查看node3虚拟机通过gre隧道获取到的ip地址;
通过node2虚拟机ping测试node3虚拟机;
node2:
[root@node2 ~]# tcpdump -i eth2 -nne
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
22:18:25.788996 00:0c:29:90:d0:a6 > 00:0c:29:d6:6a:a6, ethertype IPv4 (0x0800), length 136: 192.168.20.1 > 192.168.20.2: GREv0, proto TEB (0x6558), length 102: 52:54:00:00:00:01 > 52:54:00:00:a0:01, ethertype IPv4 (0x0800), length 98: 10.0.4.200 > 10.0.4.201: ICMP echo request, id 44288, seq 9, length 64
22:18:25.790632 00:0c:29:d6:6a:a6 > 00:0c:29:90:d0:a6, ethertype IPv4 (0x0800), length 136: 192.168.20.2 > 192.168.20.1: GREv0, proto TEB (0x6558), length 102: 52:54:00:00:a0:01 > 52:54:00:00:00:01, ethertype IPv4 (0x0800), length 98: 10.0.4.201 > 10.0.4.200: ICMP echo reply, id 44288, seq 9, length 64
^C
2 packets captured
2 packets received by filter
0 packets dropped by kernel
[root@node2 ~]# qemu-kvm -name vm3 -m 128 -smp 1 -drive file=/vm/images/cirros-no_cloud-0.3.0-i386-disk.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:02 -net tap,ifname=vif01.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
[root@node2 ~]# vncviewer :5901 &查看node2上vm3的网卡地址;
node3:
[root@node3 ~]# qemu-kvm -name vm4 -m 128 -smp 1 -drive file=/vm/images/c2.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:a0:02 -net tap,ifname=vif1.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
[root@node3 ~]# vncviewer :5901 &查看node3上vm4网卡地址;
在vm4上ping测试到达10.0.4.200、10.0.4.201、10.0.4.202都可以通;
实现200和201互通,202和203互通,200和202隔离,201和203隔离;
node2:
[root@node2 ~]# ovs-vsctl show
37310058-9082-4853-9521-c9bd850b513a
Bridge br-in
Port "gre0"
Interface "gre0"
type: gre
options: {remote_ip="192.168.20.2"}
Port "vif01.0"
Interface "vif01.0"
Port br-in
Interface br-in
type: internal
Port "sif0"
Interface "sif0"
Port "vif0.0"
Interface "vif0.0"
ovs_version: "2.1.3"
[root@node2 ~]# ovs-vsctl set port vif0.0 tag=10 -- set port vif01.0 tag=20
[root@node2 ~]# ovs-vsctl list port vif0.0
_uuid : dcc1c4ee-b5ae-4296-a1a2-2e01887c342d
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [c02d9aa1-27dc-4bae-bd2d-65887b30c4e2]
lacp : []
mac : []
name : "vif0.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : 10
trunks : []
vlan_mode : []
[root@node2 ~]# ovs-vsctl list port vif01.0
_uuid : 58c5cd31-01cd-405b-b3d5-6cb480f56d5a
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [836ecd24-ab43-4da1-98bb-871e59015c90]
lacp : []
mac : []
name : "vif01.0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : 20
trunks : []
vlan_mode : []通过node3上面的vm4 ping测试200、202不通;
node3:
[root@node3 ~]# ovs-vsctl set port vif0.0 tag=10
[root@node3 ~]# ovs-vsctl show
85d61be0-079b-4012-a4a6-514dc240e31e
Bridge br-in
Port "vif0.0"
tag: 10
Interface "vif0.0"
Port "gre0"
Interface "gre0"
type: gre
options: {remote_ip="192.168.20.1"}
Port br-in
Interface br-in
type: internal
Port "vif1.0"
Interface "vif1.0"
ovs_version: "2.1.3"通过node3上的c1主机ping测试到200可以通;
[root@node3 ~]# ovs-vsctl set port vif1.0 tag=20
通过node3上的vm4主机ping测试到203可以通;
node2:
[root@node2 ~]# ovs-vsctl remove port vif0.0 tag 10
[root@node2 ~]# ovs-vsctl remove port vif01.0 tag 20node3:[root@node3 ~]# ovs-vsctl remove port vif0.0 tag 10 -- remove port vif1.0 tag 20
node2:[root@node2 ~]# ovs-vsctl del-port br-in gre0
node3:[root@node3 ~]# ovs-vsctl del-port br-in gre0
通过vxlan使两个不同节点虚拟机通信:
node2:
[root@node2 ~]# ovs-vsctl add-port br-in vx0 -- set interface vx0 type=vxlan option:remote_ip=192.168.20.2
[root@node2 ~]# ovs-vsctl list port vx0
_uuid : eb7be7a1-bfc1-4e7c-9844-ff51b194319f
bond_downdelay : 0
bond_fake_iface : false
bond_mode : []
bond_updelay : 0
external_ids : {}
fake_bridge : false
interfaces : [5db05cdc-ebad-43c2-bf9a-91e92ea3382d]
lacp : []
mac : []
name : "vx0"
other_config : {}
qos : []
statistics : {}
status : {}
tag : []
trunks : []
vlan_mode : []
[root@node2 ~]# ovs-vsctl list interface vx0
_uuid : 5db05cdc-ebad-43c2-bf9a-91e92ea3382d
admin_state : up
bfd : {}
bfd_status : {}
cfm_fault : []
cfm_fault_status : []
cfm_flap_count : []
cfm_health : []
cfm_mpid : []
cfm_remote_mpids : []
cfm_remote_opstate : []
duplex : []
external_ids : {}
ifindex : 0
ingress_policing_burst: 0
ingress_policing_rate: 0
lacp_current : []
link_resets : 0
link_speed : []
link_state : up
mac : []
mac_in_use : "32:d4:42:58:33:5f"
mtu : []
name : "vx0"
ofport : 6
ofport_request : []
options : {remote_ip="192.168.20.2"}
other_config : {}
statistics : {collisions=0, rx_bytes=0, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=0, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0}
status : {tunnel_egress_iface="eth2", tunnel_egress_iface_carrier=up}
type : vxlannode3:
[root@node3 ~]# ovs-vsctl add-port br-in vx0 -- set interface vx0 type=vxlan options:remote_ip=192.168.20.1
[root@node3 ~]# ovs-vsctl list interface vx0
_uuid : 35c7f6e0-743c-4030-991f-64cab04b961c
admin_state : up
bfd : {}
bfd_status : {}
cfm_fault : []
cfm_fault_status : []
cfm_flap_count : []
cfm_health : []
cfm_mpid : []
cfm_remote_mpids : []
cfm_remote_opstate : []
duplex : []
external_ids : {}
ifindex : 0
ingress_policing_burst: 0
ingress_policing_rate: 0
lacp_current : []
link_resets : 0
link_speed : []
link_state : up
mac : []
mac_in_use : "d2:19:ba:bd:90:b4"
mtu : []
name : "vx0"
ofport : 5
ofport_request : []
options : {remote_ip="192.168.20.1"}
other_config : {}
statistics : {collisions=0, rx_bytes=0, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=0, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0}
status : {tunnel_egress_iface="eth2", tunnel_egress_iface_carrier=up}
type : vxlan通过node2上的c1虚拟机ping到达201、202、203可通;
node2:
[root@node2 ~]# tcpdump -i eth2 -nne
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
22:09:19.383182 00:0c:29:90:d0:a6 > 00:0c:29:d6:6a:a6, ethertype IPv4 (0x0800), length 148: 192.168.20.1.35457 > 192.168.20.2.4789: UDP, length 106
22:09:19.383827 00:0c:29:d6:6a:a6 > 00:0c:29:90:d0:a6, ethertype IPv4 (0x0800), length 148: 192.168.20.2.51166 > 192.168.20.1.4789: UDP, length 106
22:09:20.380803 00:0c:29:90:d0:a6 > 00:0c:29:d6:6a:a6, ethertype IPv4 (0x0800), length 92: 192.168.20.1.53868 > 192.168.20.2.4789: UDP, length 50
22:09:20.382353 00:0c:29:d6:6a:a6 > 00:0c:29:90:d0:a6, ethertype IPv4 (0x0800), length 92: 192.168.20.2.44743 > 192.168.20.1.4789: UDP, length 50
22:09:20.384451 00:0c:29:90:d0:a6 > 00:0c:29:d6:6a:a6, ethertype IPv4 (0x0800), length 148: 192.168.20.1.35457 > 192.168.20.2.4789: UDP, length 106
22:09:20.385463 00:0c:29:d6:6a:a6 > 00:0c:29:90:d0:a6, ethertype IPv4 (0x0800), length 148: 192.168.20.2.51166 > 192.168.20.1.4789: UDP, length 106
^C
6 packets captured
6 packets received by filter
0 packets dropped by kernel删除此前的vxlan配置:
node2:[root@node2 ~]# ovs-vsctl del-port br-in vx0
node3:[root@node3 ~]# ovs-vsctl del-port br-in vx0
虚拟机通过vxlan隧道上网:
node4:
[root@node4 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth2
DEVICE="eth2"
BOOTPROTO="static"
IPV6INIT="no"
MTU="1500"
NM_CONTROLLED="no"
ONBOOT="yes"
IPADDR="192.168.20.254"
NETMASK="255.255.255.0"
[root@node4 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth3
DEVICE="eth3"
BOOTPROTO="static"
NM_CONTROLLED="no"
ONBOOT="yes"
BRIDGE="br-ex"
[root@node4 ~]# vim /etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE="br-ex"
BOOTPROTO="dhcp"
NM_CONTROLLED="no"
ONBOOT="yes"
TYPE=Bridge
[root@node4 ~]# service network restart
[root@node4 ~]# ifconfig
br-ex Link encap:Ethernet HWaddr 00:0C:29:C7:68:53
inet addr:192.168.243.131 Bcast:192.168.243.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec7:6849/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:89 errors:0 dropped:0 overruns:0 frame:0
TX packets:38 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:5272 (5.1 KiB) TX bytes:5180 (5.0 KiB)
eth0 Link encap:Ethernet HWaddr 00:0C:29:C7:68:35
inet addr:172.16.100.40 Bcast:172.16.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec7:6835/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:71 errors:0 dropped:0 overruns:0 frame:0
TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5456 (5.3 KiB) TX bytes:5844 (5.7 KiB)
eth1 Link encap:Ethernet HWaddr 00:0C:29:C7:68:3F
inet addr:192.168.10.9 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec7:683f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:636 (636.0 b)
eth2 Link encap:Ethernet HWaddr 00:0C:29:C7:68:49
inet addr:192.168.20.254 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec7:6849/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:474 (474.0 b) TX bytes:1182 (1.1 KiB)
eth3 Link encap:Ethernet HWaddr 00:0C:29:C7:68:53
inet6 addr: fe80::20c:29ff:fec7:6853/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:21 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1260 (1.2 KiB) TX bytes:468 (468.0 b)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:57 errors:0 dropped:0 overruns:0 frame:0
TX packets:57 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:11680 (11.4 KiB) TX bytes:11680 (11.4 KiB)
[root@node4 ~]# yum -y install openvswitch
[root@node4 ~]# service openvswitch start
[root@node4 ~]# ovs-vsctl add-br br-in
[root@node4 ~]# ovs-vsctl show
79dd16d6-cd78-48a9-9079-b252a3d9a806
Bridge br-in
Port br-in
Interface br-in
type: internal
ovs_version: "2.1.3"node2:
[root@node2 ~]# ovs-vsctl add-port br-in gre0
[root@node2 ~]# ovs-vsctl set interface gre0 type=gre options:remote_ip=192.168.20.254node4:
[root@node4 ~]# ovs-vsctl add-port br-in gre0 -- set interface gre0 type=gre options:remote_ip=192.168.20.1
[root@node4 ~]# yum update iproute
[root@node4 ~]# ip netns add r0
[root@node4 ~]# ip link add sin0 type veth peer name rin0
[root@node4 ~]# ip link add sex0 type veth peer name rex0
[root@node4 ~]# ip link set sin0 up
[root@node4 ~]# ip link set sex0 up
[root@node4 ~]# ip link set rin0 netns r0
[root@node4 ~]# ip link set rex0 netns r0
[root@node4 ~]# ip netns exec r0 ifconfig -a
lo Link encap:Local Loopback
LOOPBACK MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
rex0 Link encap:Ethernet HWaddr 72:EE:8E:FE:F0:73
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
rin0 Link encap:Ethernet HWaddr 5E:E0:3C:2B:06:19
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@node4 ~]# ip netns exec r0 ifconfig rin0 10.0.4.100/24 up
[root@node4 ~]# ovs-vsctl add-port br-in sin0
[root@node4 ~]# ip netns exec r0 ping 10.0.4.200
PING 10.0.4.200 (10.0.4.200) 56(84) bytes of data.
64 bytes from 10.0.4.200: icmp_seq=1 ttl=64 time=2.91 ms
^C
--- 10.0.4.200 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 478ms
rtt min/avg/max/mdev = 2.916/2.916/2.916/0.000 ms
[root@node4 ~]# ip netns exec r0 ping 10.0.4.202
PING 10.0.4.202 (10.0.4.202) 56(84) bytes of data.
64 bytes from 10.0.4.202: icmp_seq=1 ttl=64 time=2.89 ms
^C
--- 10.0.4.202 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 367ms
rtt min/avg/max/mdev = 2.899/2.899/2.899/0.000 msnode2:
[root@node2 ~]# tcpdump -i eth2 -nne
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
21:56:37.008610 00:0c:29:c7:68:49 > 00:0c:29:90:d0:a6, ethertype IPv4 (0x0800), length 136: 192.168.20.254 > 192.168.20.1: GREv0, proto TEB (0x6558), length 102: 5e:e0:3c:2b:06:19 > 52:54:00:00:00:01, ethertype IPv4 (0x0800), length 98: 10.0.4.100 > 10.0.4.200: ICMP echo request, id 52109, seq 43, length 64
21:56:37.010308 00:0c:29:90:d0:a6 > 00:0c:29:c7:68:49, ethertype IPv4 (0x0800), length 136: 192.168.20.1 > 192.168.20.254: GREv0, proto TEB (0x6558), length 102: 52:54:00:00:00:01 > 5e:e0:3c:2b:06:19, ethertype IPv4 (0x0800), length 98: 10.0.4.200 > 10.0.4.100: ICMP echo reply, id 52109, seq 43, length 64
21:56:37.144579 00:0c:29:90:d0:a6 > 00:0c:29:c7:68:49, ethertype IPv4 (0x0800), length 80: 192.168.20.1 > 192.168.20.254: GREv0, proto TEB (0x6558), length 46: 52:54:00:00:00:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 10.0.4.203 tell 10.0.4.200, length 28
21:56:38.011584 00:0c:29:c7:68:49 > 00:0c:29:90:d0:a6, ethertype IPv4 (0x0800), length 136: 192.168.20.254 > 192.168.20.1: GREv0, proto TEB (0x6558), length 102: 5e:e0:3c:2b:06:19 > 52:54:00:00:00:01, ethertype IPv4 (0x0800), length 98: 10.0.4.100 > 10.0.4.200: ICMP echo request, id 52109, seq 44, length 64
21:56:38.012246 00:0c:29:90:d0:a6 > 00:0c:29:c7:68:49, ethertype IPv4 (0x0800), length 136: 192.168.20.1 > 192.168.20.254: GREv0, proto TEB (0x6558), length 102: 52:54:00:00:00:01 > 5e:e0:3c:2b:06:19, ethertype IPv4 (0x0800), length 98: 10.0.4.200 > 10.0.4.100: ICMP echo reply, id 52109, seq 44, length 64
^C
5 packets captured
5 packets received by filter
0 packets dropped by kernelnode4:
[root@node4 ~]# brctl show
bridge name bridge id STP enabled interfaces
br-ex 8000.000c29c76853 no eth3
[root@node4 ~]# brctl addif br-ex sex0
[root@node4 ~]# ip netns exec r0 ifconfig rex0 192.168.243.100/24 up
[root@node4 ~]# ip netns exec r0 ifconfig
rex0 Link encap:Ethernet HWaddr 72:EE:8E:FE:F0:73
inet addr:192.168.243.100 Bcast:192.168.243.255 Mask:255.255.255.0
inet6 addr: fe80::70ee:8eff:fefe:f073/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:168 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13680 (13.3 KiB) TX bytes:1382 (1.3 KiB)
rin0 Link encap:Ethernet HWaddr 5E:E0:3C:2B:06:19
inet addr:10.0.4.100 Bcast:10.0.4.255 Mask:255.255.255.0
inet6 addr: fe80::5ce0:3cff:fe2b:619/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1747 errors:0 dropped:0 overruns:0 frame:0
TX packets:353 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:91062 (88.9 KiB) TX bytes:32514 (31.7 KiB)
[root@node4 ~]# ip netns exec r0 ping 192.168.243.2
PING 192.168.243.2 (192.168.243.2) 56(84) bytes of data.
64 bytes from 192.168.243.2: icmp_seq=1 ttl=128 time=2.12 ms
^C
--- 192.168.243.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 836ms
rtt min/avg/max/mdev = 2.126/2.126/2.126/0.000 ms在node2上面虚拟机c1添加网关为10.0.4.100并ping到达192.168.243.100通,ping外部网络192.168.243.2不通;
node4:
[root@node4 ~]# ip netns exec r0 iptables -t nat -A POSTROUTING -s 10.0.4.0/24 -j SNAT --to-source 192.168.243.100
在node2上面虚拟机c1添加网关为10.0.4.100并ping到达外部网络192.168.243.2通;
node4:
[root@node4 ~]# ip netns exec r0 iptables -t nat -F
[root@node4 ~]# ip netns exec r0 ifconfig rex0:0 192.168.243.101 netmask 255.255.255.0 up
[root@node4 ~]# ip netns exec r0 ifconfig
rex0 Link encap:Ethernet HWaddr 72:EE:8E:FE:F0:73
inet addr:192.168.243.100 Bcast:192.168.243.255 Mask:255.255.255.0
inet6 addr: fe80::70ee:8eff:fefe:f073/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:39095 errors:0 dropped:0 overruns:0 frame:0
TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3089899 (2.9 MiB) TX bytes:5232 (5.1 KiB)
rex0:0 Link encap:Ethernet HWaddr 72:EE:8E:FE:F0:73
inet addr:192.168.243.101 Bcast:192.168.243.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
rin0 Link encap:Ethernet HWaddr 5E:E0:3C:2B:06:19
inet addr:10.0.4.100 Bcast:10.0.4.255 Mask:255.255.255.0
inet6 addr: fe80::5ce0:3cff:fe2b:619/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:71049 errors:0 dropped:0 overruns:0 frame:0
TX packets:375 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3006002 (2.8 MiB) TX bytes:34166 (33.3 KiB)通过windows命令提示符ping到达node4的rex0:0地址192.168.243.101通;
[Smoke.Smoke-PC] ➤ ping 192.168.243.101
正在 Ping 192.168.243.101 具有 32 字节的数据:
来自 192.168.243.101 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.243.101 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.243.101 的回复: 字节=32 时间<1ms TTL=64node4:
[root@node4 ~]# ip netns exec r0 iptables -t nat -A POSTROUTING -s 10.0.4.200/32 -j SNAT --to-source 192.168.243.101
[root@node4 ~]# ip netns exec r0 iptables -t nat -A PREROUTING -d 192.168.243.101 -j DNAT --to-destination 10.0.4.200通过windows命令提示符ping到达node4的rex0:0地址192.168.243.101通;
[Smoke.Smoke-PC] ➤ ping 192.168.243.101 -t
正在 Ping 192.168.243.101 具有 32 字节的数据:
来自 192.168.243.101 的回复: 字节=32 时间=3ms TTL=63
来自 192.168.243.101 的回复: 字节=32 时间=2ms TTL=63
来自 192.168.243.101 的回复: 字节=32 时间=2ms TTL=63node2:
[root@node2 ~]# tcpdump -i eth2 -nne
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
20:53:51.239411 00:0c:29:c7:68:49 > 00:0c:29:90:d0:a6, ethertype IPv4 (0x0800), length 112: 192.168.20.254 > 192.10:3c:2b:06:19 > 52:54:00:00:00:01, ethertype IPv4 (0x0800), length 74: 192.168.243.1 > 10.0.4.200: ICMP echo reque
20:53:51.249216 00:0c:29:90:d0:a6 > 00:0c:29:c7:68:49, ethertype IPv4 (0x0800), length 112: 192.168.20.1 > 192.1684:00:00:00:01 > 5e:e0:3c:2b:06:19, ethertype IPv4 (0x0800), length 74: 10.0.4.200 > 192.168.243.1: ICMP echo reply
20:53:52.241110 00:0c:29:c7:68:49 > 00:0c:29:90:d0:a6, ethertype IPv4 (0x0800), length 112: 192.168.20.254 > 192.10:3c:2b:06:19 > 52:54:00:00:00:01, ethertype IPv4 (0x0800), length 74: 192.168.243.1 > 10.0.4.200: ICMP echo reque
20:53:52.243160 00:0c:29:90:d0:a6 > 00:0c:29:c7:68:49, ethertype IPv4 (0x0800), length 112: 192.168.20.1 > 192.1684:00:00:00:01 > 5e:e0:3c:2b:06:19, ethertype IPv4 (0x0800), length 74: 10.0.4.200 > 192.168.243.1: ICMP echo reply
^C
4 packets captured
4 packets received by filter
0 packets dropped by kernel